Assessing compliance: the ISO 27001 ISMS internal audit
Testing and assessing your information security measures is essential to ascertain whether the controls you have implemented are working effectively. Compliance with the international information security standard ISO 27001 requires continual monitoring and regular reviews of the ISMS. An internal audit is an effective way to assess whether your ISMS is functioning as it should, and it is one of the requirements for ISO 27001 certification.
In this webinar you will get an overview of the internal audit process under ISO 27001. Leading the webinar is Steve Watkins, chair of the ISO/IEC 27001 User Group – the UK chapter of the ISMS International User Group, and technical assessor for UKAS (the United Kingdom Accreditation Service), advising on its assessments of certification bodies offering accredited certification.
This webinar will cover:
- The requirements for an internal audit and an internal audit program
- The role of the internal auditor and ISMS audits
- Mandatory documents for reviewing an ISO 27001-compliant ISMS
- An evidence-based approach to reporting, identifying, and compiling nonconformities
- Addressing common audit mistakes and challenges